16:53 GMT26 October 2020
Listen Live
    Tech
    Get short URL
    231
    Subscribe

    Apple has been running an invitation-based bug bounty program for selected security researchers only, but announced impending changes to it earlier this year at the Black Hat security conference in Las Vegas.

    Apple has opened a hacking program that will offer cash prizes to people who discover bugs and security flaws in the company's full range of devices, ZDNet reported on Friday.

    To make it official, Apple has published a new page on its website, detailing the bug bounty program's rules, along with a breakdown of the rewards researchers can earn.

    The program, called Apple Security Bounty, is expanding on an earlier-launched invitation-only project dated 2016 to seek out holes in Apple’s iPhone security.

    The new, expanded version will for the first time include iPads, Apple laptops and desktops, Apple TV, and Apple Watch, according to the official announcement of the move back in August, at the Black Hat security conference in Las Vegas.

    A range of bounty prizes are on offer for anyone who can discover bugs that affect multiple devices, with an additional 50 percent bonus for bugs discovered in any of its software that is in beta.

    To qualify for a prize, hackers or security experts need to submit a detailed description of the bug, with the Cupertino-based tech giant able to replicate the issue and conclude the steps as described cause the exploit or bug with reasonable reliability.

    “Proof of concept” submissions will also be eligible for prizes, but only at half the value of a fully detailed and replicable report.

    The top prize of $1 million will go to those who can successfully engineer a “zero-click”’ attack.

     The latter is something that allows access to another person’s device without needing the original owner to click on a malicious link.

    Other prizes range from $25,000 to $500,000, and include lockscreen bypass hacks, cracking into an iCloud account, and allowing unauthorised apps access to sensitive data.

    Back in August Apple also announced it will provide selected security researchers with access to special "hackable" phones.

    These devices, with most security features disabled, have existed for years at Apple and have been used by employees to hunt bugs before prototypes are sent to mass-production.

    ​Now, the company will be providing vetted security researchers with access to these devices to aid with hunting down bugs in its code.

    Related:

    US Sanctions 'Evil Corp' over $100 Million Hack
    US Authorities Arrest Minor Allegedly Aligned With Group That Hacked Jack Dorsey
    How 'Bout Them Apples? iPhone Users Consume Adult Content More Actively than Android Users - PornHub
    iSatellite? Apple Reportedly Working on Secret Space Communications Network
    WikiLeaks Releases CIA Tools for Stealthy Hacking of Apple's Operating System
    Apple to Pay One Million Dollar Bounty to Anyone Who Can Hack iPhone
    Tags:
    bugs, computer bugs, Hacking, hacking, iPhone, Apple, Apple, Apple
    Community standardsDiscussion